Hardware lock?

[TsterT]

Hey guys, how can I make my vb10 project bind to a PC, and cannot be used on any other PC?

If you are wondering why I want this, is because it is a VIP project, that you need to pay for.

Thanks,
TsterT™

[Kasracer]

Not possible. There are some solutions that may be good enough but it won't be possible to completely lock it down.

You could go the software route. Use some hardware components and their serial numbers or something, hash them together and use that as a key. But someone can just yank that code out of your application.

You could go the hardware route and use a dongle but that's by-passable by either yanking the code that does the authentication or by emulating the dongle.

My thinking? Why bother. It'll only hurt your customs; pirates would have already ripped out your authentication code and can use it without problems mean-while your legit custom had a hardware failure and now they need to request a new code from your.

[TsterT]

Hey.

My project isn't really protective, at all...So there is not authentication codes required.

And I've seen some programs that require your to run another program, and that 2nd program gives you an authentication code, and redirects you to a website, where you enter that authentication code, and the 1st program is then bound to your computer.

Thanks,
TsterT

[TheDeathly]

if you pack your code with themida or some sort of packing software, so others cant decrypt/"yank" the code out. If you want to HWID lock something itll take a lot.. first a database to save customers HWID(Hard ware ID ** The custom hash you make or take) then the program to create the hash and check it from the database. This will prevent from any other computer from using it.

[TsterT]

hm, sound to far out of my range. Do you know how I can make it so there are a bunch of authentication codes build into the project, and when someone enters that authentication code, it gets removed from the coding, so it can't be used again?

Again, Thanks,
TsterT

[keystone_paul]

This is basically a question that gets asked time and time again on here. I'd recommend using the search facility and look at some of the threads on the subject.

There isn't a simple answer - you can license 3rd party systems to help with it but none are foolproof and its always a tradeoff of how much effort and cost you want to incur vs the damage to you financially if other people pirate the software.

[TsterT]

Well, what I was thinking, is that I make my program self-updating. So whenever I sell the VIP project, I give them a authentication code that the program is familiar with, and once they register it, I remove that authentication code from the program, so you can't use it again, and the the user only has to enter that authentication code when he downloads the program, and never after.

[Shaggy Hiker]

How about just selling them the updates. That way you can make money off the pirates, too.

[IanS]

I did something like this once. But instead of locking to the hardware I generated a random serial number the first time the software was used. That number was hidden in a couple of places in the registry and file system.

When the user clicked the BuyNow button the software displayed the serial number and directed the user to a website to make the payment. The payment system asked him to input his serial number along with his payment details. At the end of the payment process the webpage displayed his full activation code and emailed it to him as well.

That activation code only worked on the computer where that random serial number existed. Any other install would have generated a different random number and would therefore not accept the activation code.

Weakness in this is that.

1. If the user cloned that computer then all clones would contain the same random number and would therefore accept the same activation code.

2. Savvy users can find software on the web which records the steps taken by an application and would therefore find the random number and be able to replicate that on other computers.

Of course that isn't secure but you may be interested to know that as soon as my application got hacked in china and started to appear on all the torrents and warez sites the sales of my application doubled.

If your application is good then people will buy it. People who would steal it would never buy it anyway and I'd rather they steal mine than steal somebody else's. As I said, they wouldn't buy it anyway so I didn't lose anything but have gained exposure to potential customers.

[TsterT]

After making my previous post, I was thinking how I would accomplish what I am wanting to do, so I came up with this idea.

When the program is ran the first time, it creates a settings file in a folder where they wouldn't look. And that settings file has a bunch of random numbers and letters, that mean something. If the code says for example, 4hj12, it doesn't ask for an authentication code. If it says for example, h2kfs, it does.

Then I really wouldn't have to worry to much about reusing authentication codes. But what I'm worried about, is how will the program know if the settings file is there or not, so it doesn't recreate the same file, and keep asking for an authentication code.

[IanS]

. . . But what I'm worried about, is how will the program know if the settings file is there or not, . . . .

In VB6 you can do something like

Code:

If Dir("FileName") <> "" then
    ' File Exists
  else
    ' File Doesn't exist
end if

I'm not sure if vb.net has a similar function to Dir( ) ? (That function returns the name of the file so

Dir("FileNa*")

note the * wildcard - returns the file name of files with matching names so give it the exact name and it returns the name if it exists or an empty string if it doesn't.

[TsterT]

Alright, the vb6 code worked perfectly, but I can't seem to find a code that checks the settings file for the random numbers/letters

[Kasracer]

[...]I generated a random serial number the first time the software was used. That number was hidden in a couple of places in the registry and file system.[...]

When the program is ran the first time, it creates a settings file in a folder where they wouldn't look.

This is irresponsible. The system gives you distinct places to place data saved from your application. Going outside of those well-defined places makes other solutions (such as backup, sync, etc) difficult to impossible to work with your products. Please, do not do this. If not for you then for the community .

[TsterT]

hm, well I pretty much made the coding inside the settings file almost impossible to crack, as it changes every time the project closes. So i guess I can make it in the same folder as the program.

[Kasracer]

hm, well I pretty much made the coding inside the settings file almost impossible to crack, as it changes every time the project closes. So i guess I can make it in the same folder as the program.

You can't do that either. The Program Files directory should (and does, unless you modify permissions during install) require administrator access to modify anything. You should never store any data that can change, including settings, in that directory unless these are default settings that later get copied of a user directory.

[IanS]

This is irresponsible. The system gives you distinct places to place data saved from your application. Going outside of those well-defined places makes other solutions (such as backup, sync, etc) difficult to impossible to work with your products. Please, do not do this. If not for you then for the community .

So all software vendor's including Microsoft and pretty much every other 'market leader' play by the rules and they place their license keys in the correct places in plain view where every one can see them.

25 years ago MS would burn an extra track onto their floppy disks and hide information in that track which wouldn't be copied by normal copy/backup utilities. Other companies would mark sectors of the disk as bad when formatting and hide data in those sectors (I worked for a company that did just that) In the 90's MS even considered marking sectors of the HDD as bad sectors and then put license data into those sectors.

MS make rules which developers are supposed to follow - but if you think that everyone, including MS, play by those rules then I'm afraid you're wrong.

By the way, this post is in friendly, good humor - I'm not looking for a shouting match.

[Kasracer]

So all software vendor's including Microsoft and pretty much every other 'market leader' play by the rules and they place their license keys in the correct places in plain view where every one can see them.[...]MS make rules which developers are supposed to follow - but if you think that everyone, including MS, play by those rules then I'm afraid you're wrong.

Most large companies do not play by the rules. MS Office and Visual Studio are some of the largest offenders and the guidelines Microsoft publishes are not always followed by them.

I see nothing wrong with saving license keys in easy to access places. Why wouldn't you? Don't you want your customers to be able to copy them easily? Otherwise someone will just run a tool to see where all of the files your application uses are located and can pick it up; doing that just makes it harder for the legit folks trying to make backups, etc.

I don't think MS makes the rules in the development industry, though they do recommend most of what I have posted; they just don't follow it in most of their products. You shouldn't blindly follow a company's development procedures regardless of who they are. Figure out what works best for you, your customers and try to stick to good development practicies.

I'm not looking for a shouting match.

I'm not either. The internet is an awesome place to share your thoughts and to learn from others. You can learn the most from people you disagree with and practically every social jaunting allows both sides to learn something.